In the field of computer security, so-called “phishing” is one of many attack vectors that may be used to compromise a user's private data or system resources. In a general sense, phishing is an act of social engineering. In one example of a phishing attack, a sender provides to a recipient a message containing falsified data designed to deceive the recipient into sending back to the sender sensitive information or property. For example, in a common phishing attack, a malicious sender pretends to be a friend of an end-user recipient. The malicious sender provides a message, such as an email or a text message, saying that he is trapped in a foreign country, and needs the recipient to wire him money so that he can return home. If the recipient sends money to the malicious sender, the malicious sender absconds with the money, never to be seen again.
In another form of social engineering attack, a malicious sender pretends to be an official working for a company, and requests that the recipient provide network credentials. If the recipient provides the credentials to the malicious sender, then the malicious sender may gain access to an enterprise network, and may work mischief. Many other types of social engineering attacks are used, and may take the basic form of a malicious sender sending to a recipient a message containing falsified information for the purpose of procuring information or property.